On Wed, Sep 27, 2017 at 07:57:43PM +0800, Harald Welte wrote:
> For TMSI allocation, my "cryptographic gut feeling"[tm] is that something
> like rand() or any other pseudo-random generator of significantly large
> period is sufficient *if* it is seeded by a non-predictable value. So
> something like seeding with getrandom() result should be fine?

Also matches my gut feeling there. Might also make sense to periodically
re-seed from /dev/urandom / getrandom(), like every 100 TMSIs, or based on a
timeout might be easier to implement.

> For long-term stable key (Ki/Op) generation for provisioning SIM cards +
> populating a HLR, I would certainly opt for using stronger randomness
> sources. However, I don't think we actually implement that anywhere, do
> we?

What does OpenSSH use for public/private keypair generation?

> What do you guys think? Is there somebody on this list more
> cryptographically qualified to give us proper guidance? If you know
> somebody skilled who might want to help but is not on this list, would
> you invite them to join this discussion?

I don't count myself as one of them, help is still appreciated.
~N
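
Added example, not part of the original mail or of the project's code: a C sketch of the scheme discussed above, a PRNG seeded from getrandom() and re-seeded after every 100 TMSIs. The names `tmsi_gen`, `tmsi_reseed` and `tmsi_alloc` are hypothetical, xorshift64* stands in for "any pseudo-random generator" of large period and is not a cryptographic generator, and skipping the all-ones value is an assumption.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/random.h>
#include <sys/types.h>

#define TMSI_RESEED_INTERVAL 100u  /* "every 100 TMSIs", as in the mail */
#define TMSI_INVALID 0xFFFFFFFFu   /* assumption: all-ones is never handed out */

struct tmsi_gen {        /* zero-initialise; it seeds itself on first use */
    uint64_t state;      /* xorshift64* state, must never be zero */
    unsigned remaining;  /* draws left before the next re-seed */
    unsigned reseeds;    /* how many seeds were fetched from the kernel */
};

/* Replace the PRNG state with 8 fresh bytes from getrandom(). */
static int tmsi_reseed(struct tmsi_gen *g)
{
    uint64_t seed = 0;
    size_t got = 0;
    while (got < sizeof(seed) || seed == 0) {
        if (got == sizeof(seed)) got = 0;  /* all-zero seed: draw again */
        ssize_t n = getrandom((unsigned char *)&seed + got, sizeof(seed) - got, 0);
        if (n < 0 && errno == EINTR) continue;  /* interrupted: retry */
        if (n < 0) return -1;                   /* no fallback to a weak seed */
        got += (size_t)n;
    }
    g->state = seed;
    g->remaining = TMSI_RESEED_INTERVAL;
    g->reseeds++;
    return 0;
}

/* Produce the next TMSI; returns 0 on success, -1 if seeding failed. */
int tmsi_alloc(struct tmsi_gen *g, uint32_t *out)
{
    do {
        if (g->remaining == 0 && tmsi_reseed(g) < 0) return -1;
        g->remaining--;
        uint64_t x = g->state;             /* one xorshift64* step */
        x ^= x >> 12; x ^= x << 25; x ^= x >> 27;
        g->state = x;
        *out = (uint32_t)((x * 0x2545F4914F6CDD1DULL) >> 32);
    } while (*out == TMSI_INVALID);
    return 0;
}

int main(void)
{
    struct tmsi_gen g = {0};
    uint32_t t;
    for (int i = 0; i < 5 && tmsi_alloc(&g, &t) == 0; i++)
        printf("TMSI 0x%08x\n", (unsigned)t);
    return 0;
}
```

A real allocator would additionally check each value against the TMSIs currently in use before assigning it.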